<?php
mysql_set_charset('utf8');
$id=$_POST['id'];
$password=$_POST['password'];

$dbh = new PDO('mysql:dbname=orb;host=localhost', 'root', '');

$sql = "SELECT UserName,Password,NickName,Point FROM Accounts WHERE UserName='$id'";
$array=$dbh->query($sql);
if(!$array)
{
	header("Location: http://hacksteam-a.dnuts.jp/index.php");
	exit(1);
}

session_start();
foreach($array as $row)
{
	if($row['UserName']==$id&&$row['Password']==$password)
	{
		$_SESSION['UserName']=$row['UserName'];
		$_SESSION['Password']=$row['Password'];
		$_SESSION['NickName']=$row['NickName'];
		$_SESSION['Point']=$row['Point'];
		header("Location: http://hacksteam-a.dnuts.jp/mypage.php");
		exit(1);
	}
	else
	{
		header("Location: http://hacksteam-a.dnuts.jp/index.php");
		exit(1);
	}
}

// MySQLに対する処理

$dbh=null;
?>